There must be ?100? categories here and I have no clue what my question falls under.
I just want to install nvidia tools and it needs a cuda keyring.
I follow the instructions to the letter and try:
sudo dpkg -i cuda-keyring_1.0-1_all.deb
and get the error:
A deprecated public CUDA GPG key appear to be installed.
To remove the key, run this command:
sudo apt-key del 7fa2af80
sudo apt-key del 7fa2af80
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK
Then I try again and get the SAME ERROR. I have a feeling the key is installed in a 2nd location managed by gpg. But, whatever, I used Google to try to find how to delete a key with “gpg”, trusted.pgp.d, ubuntu 22.04 and so forth. I could not find a command to do it. I don’t want to read “The Theory of Keys and Key Management” just to be able to delete a key or figure out why the cuda-keyring thing doesn’t work.
On Ubuntu 22.04 is there a “command” to delete key 7fa2af80? If not then how can that be possibly supportable for dumb users and I do not fall into that category and I can’t figure it out.
It does appear to be a true bug that I’ve debugged down to root cause. Using strace I saw the contents of a shell script which had what seems to be incorrect logic. Eventually I found this script was bundled in the cuda-keyring_1.0-1_all.deb file. It is named “postinst”. This script tests if the key DOES NOT EXIST and if it doesn’t then it complains that it does exist. I believe this script was adopted from a nearly identical post install script which had to handle a case where the key needed to be added instead of removed. But no one changed the “if” statement!
FYI, it’d sure be nice if it said WARNING or ERROR. I have no clue if it rolled back the change. I am not a gpg, keyring, etc. expert.
Even NVidia’s documentation about a workaround to this problem is flawed.
3.10.3. cuda-installation-guide-linux 12.1 documentation
- Or if you are unable to install the cuda-keyring package…:
wget https://developer.download.nvidia.com/compute/cuda/repos/<distro>/<arch>/cuda-<distro>-keyring.gpg
sudo mv cuda-<distro>-keyring.gpg /usr/share/keyrings/cuda-archive-keyring.gpg
The file in …/ubuntu2204/x86_64 is NOT named cuda-ubuntu2204-keyring.gpg. The only gpg file in that directory is cuda-archive-keyring.gpg which is listed elsewhere in the doc’s as the WSL keyring file.
I think this is just a harmless warning. The dpkg command still exits with status 0 (success), and you can continue with the instructions.
Still someone probably should fix this, if only to improve clarity.
Yes, I suspected it was probably harmless(exit 0) once I found the problem. I wish it had prefixed the message with “WARNING:”.
Also, there is still the issue of the saying if the install doesn’t work then manually copy the keyring file and provides a name that doesn’t exist.
FYI, reddit/r/nvidia someone escalated the issue. Low priority but a trivial fix.
Thanks.
I stumbled upon this too. So what you are saying is that you dont have to update the keyring?
Cause I get
A deprecated public CUDA GPG key appear to be installed.
To remove the key, run this command:
sudo apt-key del 7fa2af80
Should you or should you not remove it. And how in that case?